Rev 592 |
Compare with Previous |
Directory listing |
Details |
Blame |
View Log
| RSS feed
Last modification
- Rev 711 – 2021-12-26 18:33:19
- Author: daniel-marschall
- Log message:
- Auth keys (internally used for email verification etc.) now use HMAC instead of normal hash
Added new base config setting RA_PASSWORD_PEPPER_ALGO (dangerous! Only for experts!)
OIDplusSessionHandler.class.php: Improved internal encryption!
ATTENTION
!!! If you are updating from the TAR.GZ distibution channel, then the update *will* temporarily
!!! FAIL with the error message "Authentication failed". Once the error appears, close your
!!! browser window and delete the cookies, then log-in again, and continue the update process.
!!! (The error happens because of the update of the internal session encryption procedure)